VIR Vulnerability Intelligence Relay

CVE-2015-0649

high
Published 2015-03-26 · Modified 2026-05-06
CVSS v3
CVSS v2
7.8
VIR risk
7.8

Description

Cisco IOS 12.2, 12.4, 15.0, 15.2, and 15.3 allows remote attackers to cause a denial of service (device reload) via malformed Common Industrial Protocol (CIP) TCP packets, aka Bug ID CSCun63514.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150325-cip

References

CWEs

CWE-20

Verify integrity in audit chain (admin only). AS-IS.